Bug 836430 (CVE-2022-28202, CVE-2022-28205, CVE-2022-28206, CVE-2022-28209) - <www-apps/mediawiki-{1.36.4,1.37.2}: multiple vulnerabilities
Summary: <www-apps/mediawiki-{1.36.4,1.37.2}: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2022-28202, CVE-2022-28205, CVE-2022-28206, CVE-2022-28209
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa+]
Keywords:
Depends on: 836579
Blocks:
Reported: 2022-03-30 14:34 UTC by John Helmert III
Modified: 2023-05-21 19:53 UTC
See Also:
Package list:
Runtime testing required: ---
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-30 14:34:14 UTC
CVE-2022-28205 (https://gerrit.wikimedia.org/r/q/Ic6ba1a37b78df5b342ceeba4c1493dbde583b81f):
https://phabricator.wikimedia.org/T302215

An issue was discovered in MediaWiki through 1.37.1. The CentralAuth extension mishandles a ttl issue for groups expiring in the future.

CVE-2022-28206 (https://phabricator.wikimedia.org/T294256):
https://gerrit.wikimedia.org/r/q/I84be9cd3639b8ab0e037a4ec2d3f2f478f0989c5

An issue was discovered in MediaWiki through 1.37.1. ImportPlanValidator.php in the FileImporter extension mishandles the check for edit rights.

CVE-2022-28209 (https://phabricator.wikimedia.org/T304126):
https://gerrit.wikimedia.org/r/q/Id8c4e2e336695ce70ccdf8a51ad729bf4a99f8f7

An issue was discovered in MediaWiki through 1.37.1. The check for the override-antispoof permission in the AntiSpoof extension is incorrect.

CVE-2022-28202 (https://phabricator.wikimedia.org/T297543):

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.


I can't discern a fixed version for all of these.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-31 02:32:38 UTC
Seems like these might be the CVEs in the upcoming security releases?

https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/5FGCLGPOTRWEJOCTPZ7BF3X6SV43WVXM/
Comment 3 Larry the Git Cow gentoo-dev 2022-04-01 06:54:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e8e8b065191f9b3dcc3de5afcb61fd94f59d2726

commit e8e8b065191f9b3dcc3de5afcb61fd94f59d2726
Author:     Miroslav Šulc <fordfrog@gentoo.org>
AuthorDate: 2022-04-01 06:52:25 +0000
Commit:     Miroslav Šulc <fordfrog@gentoo.org>
CommitDate: 2022-04-01 06:54:06 +0000

    www-apps/mediawiki: security bump to 1.36.4 + eapi8
    
    Bug: https://bugs.gentoo.org/836430
    Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

 www-apps/mediawiki/Manifest                |  1 +
 www-apps/mediawiki/mediawiki-1.36.4.ebuild | 86 ++++++++++++++++++++++++++++++
 2 files changed, 87 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fdcb60d50be5c81d0f7f6833d4d531d9a6275ca8

commit fdcb60d50be5c81d0f7f6833d4d531d9a6275ca8
Author:     Miroslav Šulc <fordfrog@gentoo.org>
AuthorDate: 2022-04-01 06:50:42 +0000
Commit:     Miroslav Šulc <fordfrog@gentoo.org>
CommitDate: 2022-04-01 06:54:05 +0000

    www-apps/mediawiki: security bump to 1.37.2 + eapi8
    
    Bug: https://bugs.gentoo.org/836430
    Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

 www-apps/mediawiki/Manifest                |  1 +
 www-apps/mediawiki/mediawiki-1.37.2.ebuild | 86 ++++++++++++++++++++++++++++++
 2 files changed, 87 insertions(+)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-01 14:40:22 UTC
Thanks fordfrog!
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-01 15:12:07 UTC
Please clean up.
Comment 6 Larry the Git Cow gentoo-dev 2022-04-01 16:05:40 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7a122138a8df9545d0e7e7ddd7b0ca80339ad05d

commit 7a122138a8df9545d0e7e7ddd7b0ca80339ad05d
Author:     Miroslav Šulc <fordfrog@gentoo.org>
AuthorDate: 2022-04-01 16:05:29 +0000
Commit:     Miroslav Šulc <fordfrog@gentoo.org>
CommitDate: 2022-04-01 16:05:29 +0000

    www-apps/mediawiki: security cleanup (1.36.3 & 1.37.1)
    
    Bug: https://bugs.gentoo.org/show_bug.cgi?id=836430
    Signed-off-by: Miroslav Šulc <fordfrog@gentoo.org>

 www-apps/mediawiki/Manifest                |  2 -
 www-apps/mediawiki/mediawiki-1.36.3.ebuild | 86 ------------------------------
 www-apps/mediawiki/mediawiki-1.37.1.ebuild | 86 ------------------------------
 3 files changed, 174 deletions(-)
Comment 7 Miroslav Šulc gentoo-dev 2022-04-01 16:06:09 UTC
The tree is clean now; you can proceed.
Comment 8 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-12-26 20:39:40 UTC
GLSA request filed.
Comment 9 Larry the Git Cow gentoo-dev 2023-05-21 19:52:11 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=c162c36dafd4f17b3f87b94d2fefa1a5a3905fc1

commit c162c36dafd4f17b3f87b94d2fefa1a5a3905fc1
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-05-21 19:43:14 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-05-21 19:51:29 +0000

    [ GLSA 202305-24 ] MediaWiki: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/815376
    Bug: https://bugs.gentoo.org/829302
    Bug: https://bugs.gentoo.org/836430
    Bug: https://bugs.gentoo.org/855965
    Bug: https://bugs.gentoo.org/873385
    Bug: https://bugs.gentoo.org/888041
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202305-24.xml | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
Comment 10 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-21 19:53:41 UTC
GLSA released, all done!